Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

On Thursday, the company seeded developers with a pre-release copy of the update. Recipients said the patch was dated July 14, suggesting Apple plans to release it to users Monday.

"Security Update 2003-07-14 addresses a potential vulnerability when a password is required upon waking from the Screen Effects feature, which could allow an unauthorized user access to the desktop of the logged in user," Apple reportedly told developers in a note accompanying the seed.

The Screen Effects security hole was first publicized last week in a post to the Full Disclosure mailing list. Mac OS Xs screen saver can be locked with a password, preventing access to the desktop. A user discovered that by pressing a key for several minutes and then hitting the enter key, the screen saver could crash, allowing desktop access.

Further reading

A post to SecuriTeam.com said the crash takes place because of a large buffer of between 1,280 and 1,380 characters that is sent as the password.

Last month the Mac maker released a security update to Mac OS X Server that updated its installation of Apache 2.0, patching a mod_dav security hole. Apple plans to release the next major OS X upgrade, Version 10.3 aka Panther, in both client and server flavors by the end of the year.

Cupertino, Calif.-based Apple was not immediately available for comment.